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AMENDMENTS TO THE CLAIMS 



1 . (Currently Amended) A method for requesting a service-specific traffic encryption key 
from a subscriber station to a base station in a data communication w ir e l e s s portabl e Int e rnet 
system, the method comprising: 

(a) determining a service type for th e requested atraffic encryption key to be used for 
security on a traffic connection to the base station prior to establishing the traffic connection^ 
wherein the traffic encryption key is used to encrypt traffic data to be transferred through a data 
traffic between the subscriber station and the base station, and the service type represents a type 
of the data traffic and is one of a unicast service, a multicast service, and a broadcast service: 

(b) generating a Key Request message for requesting a traffic encryption key 
corresponding to the determined service typ e, wherein the Key Request message includes the 
determined service type : and 

(c) sending the generated Key Request message to the base station using a media access 
control (MAC) message : and 

(d) receiving a Key Reply message including the traffic encryption key corresponding to 
the determined service type from the base station 

wherein the s e rvice typ e is r e corded in a param e t e r included in the Key Request message . 

2-3. (Cancelled) 

4. (Currently Amended) The method as claimed in claim 3 claim L wherein when the 
service type is a multicast service, the parameter of the Key Request message includes an ID 
containing an identifier of a multicast service group for a subscriber. 

5, (Currently Amended) The method as claimed i n claim 3 claim 1 , wherein the step (c) 
includes sending the Key Request message using a PKM-REQ (Privacy Key Management- 
Request) that is one of MAC messages of the IEEE 802.16 standard protocol. 
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6. (Currently Amended) A method for generating and distributing a service-specific 
traffic encryption key from a base station to a subscriber station in a wireless portable Internet 
data communication system, the method comprising: 

(a) receiving a Key Request message from the subscriber station requesting the service- 
specific traffic encryption ke y, wherein the service-specific traffic encryption key is used to 
encrypt traffic data to be transferred through a data traffic between the subscriber station and the 
base station, and the Key Request message includes a service type representing a type of the data 
traffic and being one of a unicast service, a multicast service, and a broadcast service : 

(b) analyzing the Key Request message to d e t e rmin e a extract the service type; 

(c) generating a traffic encryption key according to the d e termin e d extracted service type; 

and 

(d) generating a Key Reply message including the generated traffic encryption key and 
sending the generated Key Reply message to the subscriber station using a MAC message? 

wh e r e in the s e rvice typ e is r e cord e d in a param e t e r includ e d in the K e y R e quest message . 

7. (Previously Presented) The method as claimed in claim 6, wherein the base station 
analyzes the parameter to determine the service type. 

8. (Previously Presented) The method as claimed in claim 6, wherein the step (c) 
includes: in the case that generation of the traffic encryption key for the subscriber station is a 
failure due to the determined service type, the base station generating a Key Reject message 
including an error code indicating a reason of the failure and sending the generated Key Reject 
message to the subscriber station using a MAC message. 

9. (Original) The method as claimed in claim 8, wherein the base station enters 
"unsupported service type" on the error code and sends the error code to the subscriber station in 
the case that the traffic encryption key for a service type corresponding to a traffic encryption key 
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request of the subscriber station cannot be generated and distributed. 

10. (Cancelled) 

11. (Currently Amended) The method as claimed in claim 10 claim 6 . wherein the base 
station enters "unauthorized multicast service group ID" on the error code and sends the error 
code to the subscriber station in the case that the service type for the traffic encryption key 
requested by the subscriber station is a multicast service and defined as unsupported multicast 
service for the specific multicast service group ID, because the SS is not authorized for the 
specific multicast service group by the base station. 

12. (Original) The method as claimed in claim 8, wherein the Key Reply message and the 
Key Reject message are sent using a PKM-RSP (Privacy Key Management-Response) message 
that is one of MAC messages of the IEEE 802.16 standard protocol. 

13. (Currently Amended) A protocol configuration method for generating and distributing 
a service specific traffic encryption key to be used for security on a traffic connection between a 
base station and a subscriber station in th e wir e less portabl e Internet a data communication 
system, the protocol configuration method comprising: 

(a) the subscriber station sending a Key Request message for requesting a service-specific 
traffic encryption key to the base station using a MAC messag e, wherein the service-specific 
traffic encryption key is used to encrypt traffic data to be transferred through a data traffic 
between the subscriber station and the base station, and the Key Request message includes a 
service type representing a type of the data traffic and being one of a unicast service, a multicast 
service, and a broadcast service : and 

(b) the base station analyzing the Key Request message received from the subscriber 
station, generating the requested service-specific traffic encryption key, and sending a Key Reply 
message including the generated service-specific traffic encryption key to the subscriber station 
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using a MAC message, 

wherein the generated service-specific traffic encryption key is generated corresponding 
to the service type included in the Key Request messag e a service typ e is record e d in a param e ter 
included in th e K e y R e qu e st m e ssag e. 

14. (Original) The protocol configuration method as claimed in claim 13, wherein the 
step (a) comprises: 

sending the Key Request message using a PKM-REQ message that is one of MAC 
messages of the IEEE 802.16 standard. 

15. (Original) The protocol configuration method as claimed in claim 13, wherein the 
step (b) comprises: 

sending a Key Reject message including an error code recording a reason of a failure to 
the subscriber station using a MAC message in the case that generation of the service-specific 
encryption key is failed. 

16. (Original) The protocol configuration method as claimed in claim 15, wherein the 
step (b) comprises: 

sending the Key Reply message and the Key Reject message using a PKM-RSP message 
that is one of MAC messages of the IEEE 802.16 standard protocol. 

17. (Currently Amended) An apparatus wirelessly connected to a base station in a 
wir e less portabl e Int e rn e t data communication system so as to request a service-specific traffic 
encryption key from the base station, the apparatus comprising: 

a Key Request message generator for generating a Key Request message for requesting 
the service-specific traffic encryption key from the base station , wherein the service-specific 
traffic encryption key is used to encrypt traffic data to be transferred through a data traffic 
between the apparatus and the base station, and the Key Request message includes a service type 
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representing a type of the data traffic and being one of a unicast service, a multicast service, and 
a broadcast service ; 

a Key Request message sender for sending the Key Request message of the Key Request 
message generator to the base station using a MAC message; 

a Key Reply/Reject message receiver for receiving a Key Reply message or a Key Reject 
message from the base station using a MAC message , wherein the Key Reply message includes 
the traffic encryption key corresponding to the service type included in the Key Request message : 

a message analyzer for analyzing the Key Reply message or the Key Reject message from 
the Key Reply/Reject message receiver to extract the traffic encryption key from the Key Reply 
message, or analyze an error type from the Key Reject message; and 

a key request controller for controlling operations of the Key Request message generator, 
the Key Request message sender, the Key Reply/Reject message receiver, and the message 
analyzer, and requesting the base station to allocate the service-specific traffic encryption key and 
process the traffic encryption key according to the requested key allocation or an error code 
generated upon occurrence of an error as received from the base station^ 

wherein a se nde e typ e is record e d in a param e t e r includ e d in th e K e y R e quest messag e, 

18. (Previously Presented) The apparatus as claimed in claim 17, wherein the Key 
Request message further comprises a multicast service group ID of the subscriber station when 
the service type is a multicast service. 

19. (Original) The apparatus as claimed in claim 17, further comprising: 

a memory for storing information including the traffic encryption key or the error code 
resulted from an analysis of the message analyzer under the control of the key request controller. 

20. (Currently Amended) An apparatus provided to a base station for generating and 
distributing a service-specific traffic encryption key in a wireless portabl e Intern e t data 
communication system, the apparatus comprising: 
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a Key Request message receiver receiving a Key Request message requesting the service- 
specific traffic encryption key from-the a subscriber station using a MAC message , wherein the 
service-specific traffic encryption key is used to encrypt traffic data to be transferred through a 
data traffic between the subscriber station and the base station, and the Key Request message 
includes a service type representing a type of the data traffic and being one of a unicast service, a 
multicast service, and a broadcast service : 

a message analyzer analyzing the Key Request message of the Key Request message 
receiver to extract information including a service type in the Key Request message; 

a subscriber discriminator determining whether a traffic encryption key can be allows to a 
requested service type wording to the Key Request message; 

a traffic encryption key generator generating a service-specific traffic encryption key 
corresponding to the service type extracted analyz e d b v the message analyzer; 

a Key Reply message sender generating a Key Reply message including the traffic 
encryption key generated by the traffic encryption key generator according to the requested 
service type from the subscriber station, and sending the generated Key Reply message to the 
subscriber station using a MAC message; and 

a key generation and distribution controller for controlling operations of the Key Request 
message receiver, the message analyzer, the subscriber discriminator, the traffic encryption key 
generator, and the Key Reply message sender to generate and distribute a corresponding service- 
specific traffic encryption key according to a request for service-specific traffic encryption key 
refreshment from the subscriber station^ 

wh e r e in th e servic e typ e is r e corded in a paramet e r includ e d in th e K e y R e qu e st m e ssag e. 

21. (Original) The apparatus as claimed in claim 20, further comprising: 
a Key Reject message sender for sending a Key Reject message including an error code to 
the subscriber station using a MAC message under the control of the key generation and 
distribution controller in the case that the traffic encryption key generator generates an error for 
the request of the subscriber station. 
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22. (Original) The apparatus as claimed in claim 20, further comprising: 

a memory for storing information including an analysis result of the message analyzer and 

a discrimination result of the subscriber discriminator under the control of the key generation and 

distribution controller. 
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